How to Configure Firewall on Debian Using UFW
Securing a Debian system is essential and an important step in achieving this is configuring the firewall. Firewalls are not complicated. UFW provides a user-friendly way to control incoming and outgoing traffic, strengthening your system's defenses against unauthorized access and potential threats.
Here's everything you need to know about effectively installing, configuring, and managing a firewall using UFW on a Debian system.
What is UFW?
UFW or Uncomplicated Firewall is a user-friendly front-end for iptables and one of the best firewalls for Linux. You can easily install this firewall management tool on different Linux distributions, including Debian.
UFW simplifies the complex iptables configuration process by providing simplified interfaces and commands. This firewall allows you to define rules for handling network traffic. This ensures that only authorized connections are allowed and prevents potential security risks.
Note : Firewalls are very different from antivirus software.
How to Install UFW on Debian
Before moving on to the UFW configuration, install it on your Debian machine. To do that, first open a terminal and update the packages with:
sudo apt update
Install UFW on Debian with:
sudo apt install ufw -y
Once UFW is installed, you can enable it with:
sudo ufw enable
Defining UFW Rules on Debian
You can control the network traffic of a Debian system by defining some UFW rules. For example, here's a description of some of the UFW rules:
- allow : Grants access to any traffic to specified services, ports, or services
- deny : Stops access to any traffic to specified services, ports or IP addresses
- Ports can be identified by numbers, such as 22, or by their names, such as
- Specify a single IP address or use the any option to allow all IP addresses
- UFW by default blocks all computer IP addresses
Configure Default UFW Rules on Debian
To configure default firewall rules on Debian, see the examples given.
1. Allow all outgoing connections
By default, UFW blocks or denies all outgoing connections. However, you can allow them with:
sudo ufw default allow outgoing
2. Block or deny all incoming connections
Execute the following command to block all incoming connections:
sudo ufw default deny incoming
3. Allow a specific port
To allow network traffic on a port identified with UFW, add the port number to the whitelist:
sudo ufw allow 22
Or port name:
sudo ufw allow ssh
4. Deny a specific port
Similarly, deny network traffic on any given port using the deny method with the port number or name:
sudo ufw deny 443
5. Allow IP addresses
To allow traffic from a specific IP address, run:
sudo ufw allow from 192.168.9.12
6. Reject IP address
You can also deny traffic from an IP address with:
sudo ufw deny from 192.168.9.12
7. Restart UFW
After defining the desired rules, simply restart UFW to apply all the changes:
sudo systemctl restart ufw
8. UFW . status display
Display the status of UFW and its operating rules with:
sudo ufw status verbose
9. Reset UFW . rules
To reset all UFW rules to default, run:
sudo ufw reset
How to Uninstall UFW on Debian
You can easily uninstall UFW on Debian with:
sudo apt purge ufw gufw -y
You should read it
- How to configure the router as an IoT firewall
- Install and configure email handling solutions on TMG 2010 Firewall - Part 2: E-Mail Policy
- Install and configure email handling solutions on TMG 2010 Firewall - Part 5
- Configure advanced firewall in Windows Server 2008 using the MMC snap-in
- Configure advanced firewall in Windows 2008 using NETSH CLI
- Install and configure email handling solutions on TMG 2010 Firewall - Part 3
- Install and configure the solution to handle email on TMG 2010 Firewall - Part 1: Installation
- Secure remote firewall system with SSH
May be interested
- Install and configure email handling solutions on TMG 2010 Firewall - Part 3in this section, i will show you what you can do when configuring the anti-spam features on the tmg 2010 firewall.
- Install and configure the solution to handle email on TMG 2010 Firewall - Part 1: Installationin this article we will show you how to install and configure an email handling solution on tmg 2010 firewall.
- Secure remote firewall system with SSHmost firewall systems integrate a web-based component that allows users to configure these firewall systems.
- How to export or back up Windows Firewall ruleswhen you configure the firewall, it is important that you back up all windows firewall rules for safety and security. in this quick guide, tipsmake.com will show you the steps to back up windows firewall rules in windows 10.
- 5 reasons why you should use a firewallwhat is the firewall used for? can you be safe without it? keep reading to find out why you really need a firewall.
- Configure the firewall after installing Windows XP SP2after installing windows xp service pack 2 (sp2), you will see some changes to the firewall system; and depending on the system, you may have to adjust the firewall's configuration to make it more stable.
- Check the TMG 2010 virtual private network server - Part 2: Configure TMG Firewall as the PPTP Remote Access VPN Serverin part 2 of this series, i will show you how to configure the firewall to accept pptp and l2tp / ipsec connections.
- How to upgrade Debianin every two year period, debian will have no changes. program and feature versions remain the same during this time.
- What is a firewall? Overview of Firewallwhat is a firewall overview of a firewall. a firewall, also known as a firewall, is a technique that is integrated into the network to prevent unauthorized access, to protect internal information sources and prevent unwanted intrusion into the system. fire
- How to Install Gradle on Debian 10gradle is a popular build tool primarily designed for software development in java. in this article, we will guide you through the steps you need to take to install gradle on debian 10.